From 27fe5a480726f0e1e45669c0a02d1fa2dfec254c Mon Sep 17 00:00:00 2001
From: Bernhard Kaindl
Date: Sun, 16 Oct 2022 19:32:44 +0200
Subject: [PATCH] Fix docker example for newer tfm and clean all temps
In examples/1_docker_without_gcp:
- In newer terraform versions, the list() function has been removed. -> use tolist([string]) which is available since terraform 0.12: https://www.terraform.io/language/functions/list
- Fix 1_clear.sh to also remove the terraform lock and vault data.
---
 examples/1_docker_without_gcp/1_clear.sh | 7 +++++--
 .../terraform/modules/user_accounts/main.tf | 4 ++--
 2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/examples/1_docker_without_gcp/1_clear.sh b/examples/1_docker_without_gcp/1_clear.sh
index 7ffd5ff..c77b256 100755
--- a/examples/1_docker_without_gcp/1_clear.sh
+++ b/examples/1_docker_without_gcp/1_clear.sh
@@ -3,12 +3,15 @@
 # Remove any existing cog SSH keys
 rm -rf keys terraform/keys
-# Remove any existing terraform directory
-rm -rf terraform/.terraform
+# Remove existing terraform directory and lock
+rm -rf terraform/.terraform terraform/.terraform.lock.hcl
 # Stop and remove containers, networks, images, and volumes
 docker-compose down
+# Remove vault data
+sudo rm -rf vault/data/
+
 # Remove any persistent vault data
 rm -rf vault/{data,file,logs} VAULT_PASSWORD vault_initialization.log
diff --git a/examples/1_docker_without_gcp/terraform/modules/user_accounts/main.tf b/examples/1_docker_without_gcp/terraform/modules/user_accounts/main.tf
index 75490b4..8a57ba5 100644
--- a/examples/1_docker_without_gcp/terraform/modules/user_accounts/main.tf
+++ b/examples/1_docker_without_gcp/terraform/modules/user_accounts/main.tf
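Review bot: In 1_clear.sh the added `sudo rm -rf vault/data/` is a privileged recursive delete on a path relative to the current directory, so running the script from anywhere other than its own directory removes whatever `vault/data` exists there, as root. Nothing in the hunk pins the working directory (the top of the script is outside the hunk, so this may already be handled); if it is not, anchor the path, for example `sudo rm -rf -- "$(dirname "$0")/vault/data"`. The unprivileged `rm -rf vault/{data,file,logs}` that follows still covers `vault/file` and `vault/logs`, which would fail the same way if the container writes those with another owner, so the new comment should say why only `data` needs sudo, e.g. `# vault/data is created by the container and is not owned by the invoking user`.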
@@ -25,7 +25,7 @@ resource "vault_ssh_secret_backend_role" "user_account" {
 backend = "ssh"
 key_type = "ca"
 allow_user_certificates = true
- allowed_users = join(",", compact(concat(list(var.username), var.unix_roles)))
+ allowed_users = join(",", compact(concat(tolist([var.username]), var.unix_roles)))
 default_extensions = {
 "permit-agent-forwarding" = ""
@@ -34,6 +34,6 @@ resource "vault_ssh_secret_backend_role" "user_account" {
 "permit-X11-forwarding" = ""
 }
- default_user = join(",", compact(concat(list(var.username), var.unix_roles)))
+ default_user = join(",", compact(concat(tolist([var.username]), var.unix_roles)))
 ttl = var.ssh_sign_ttl
 }
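Review bot: `tolist([var.username])` in `allowed_users` is more than the fix needs, because `concat()` accepts the tuple literal directly: `concat([var.username], var.unix_roles)` gives the same string and reads more plainly; the same applies to `default_user` in the next hunk. This value decides which principals Vault will sign certificates for, so a short comment such as `# principals this role may request: the account name plus its unix roles` would help the next reader. Whether `var.unix_roles` is validated (for example against a `*` entry) is not visible in this diff and is worth checking in the variable definition. The resource block starts and ends outside this hunk.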
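Review bot: `default_user` receives the same comma-joined list as `allowed_users`, while Vault documents it as a single default username that is used when a request names none. How Vault treats a comma-separated value there is not shown by this diff and should be confirmed against the Vault version in use; if only the account itself is meant, `default_user = var.username` is the narrower setting. The commit keeps the earlier behaviour on this line, so this would be a follow-up rather than part of the list() fix.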